search

Exploiting XXE via image file upload

upload a svg file

intercept the request

send it to repeater

find a svg xxe payload

paste it in

view the svg with hostname

submit the hostname

PreviousLab: Exploiting XXE using external entities to retrieve filesNextLab: Exploiting XInclude to retrieve files

Last updated